IPSEC Working Group meeting
Monday, November 10, 2003, 1300-1500, Salon A
Please reserve the first four rows for people who have read RFC2401-bis or who have reviewed the open/pending issues in the Roundup Issue tracker.
IPSEC Agenda
• Agenda Bashing
• Draft Review
• RFC 2401-bis
  • Open issues review
  • Revised processing model (Steve Kent)
• Strong Identity Protection Using Hidden Credentials – Hilarie Orman (10 min)
• Camilla (5 min)
• BEAT (10 min)
I-D Draft Review, 1
• Publication Requested (on Russ's reading pile)
  • draft-ietf-ipsec-ikev2
  • draft-ietf-ipsec-ikev2-algorithms
  • draft-ietf-ipsec-ui-suites
• IESG wait (11-20 telechat)
  • draft-ietf-ipsec-aes-ccm (a-d goahead)
  • draft-ietf-ipsec-aes-xcbc-prf
  • draft-ietf-ipsec-nat-t-ike
• RFC editor queue
  • draft-ietf-ipsec-ciph-aes-ctr
• MIB docs
  • dead EXCEPT for draft-ietf-ipsec-flow-monitoring-mib
I-D Draft Review, 2
• Ping A-D
  • draft-ietf-ipsec-dpd
  • draft-ietf-ipsec-nat-rqts
• Need new drafts (see draft tracker)
  • Initial IANA registry file
  • draft-ietf-ipsec-udp-encaps
  • draft-ietf-ipsec-esn-addendum (IPsec, IPR, disclaimers)
  • draft-ietf-ipsec-esp-v3
    • minor references, explicit obsoletes 2406
  • draft-ietf-ipsec-rfc-2402bis
    • minor references, explicit obsoletes 2402, need mandatory/optional crypto algorithms document for ESP/AH
I-D Draft Review, 3
• On-going work
  • draft-ietf-ipsec-rfc2401bis
RFC 2401-bis issues, 1
• Issue #82: Creation of SAs – clarifications
  • need better text, pending state
• Issue #85: DROP'd inbound packet -- does not match SA
  • Use IKEv2 message instead (require re-opening ikev2)
• Issue #88: Lift the prohibition on red-side fragmentation by SG, BITS, BITW (text from Mark Duffy)
• Issue #89: Remove the selector "name" (reject, new text from Karen to clarify use of selector name)
RFC 2401-bis issues, 2
• Issue #90: Remove the selector "data sensitivity level"
• Issue #91: Handling ICMP error messages
  • proposed text very complicated, diagrams only reflect tunnel mode, need people to review
• Issue #44: Proposed change: forwarding table lookup to select virtual interface ID
• Issue #45: Proposed change: use of cache with de-correlated SPD
RFC 2401-bis timeline (proposed)
• Close all issues by November 30th
• Final draft by December 15th
• Start wg last call from Dec. 15th to January 10th
Related BOF's
• IKEv2 Mobility and Multihoming
  • Tuesday, November 11 – Salon B
• Profiling Use of PKI in IPSEC BOF
  • Thursday, November 13 – Salon F